Slashdot Mirror

← Back to Stories (view on slashdot.org)

Where is the Line on Email Privacy?

Posted by Cliff on from the dicey-moral-issues dept.

A Conflicted Hosting Admin asks: "Imagine you're a webmaster running your own server. You provide email accounts to a third party as a 'service' in addition to hosting a web site for the third party. Now, suppose that one of the companies that you are hosting a site and email addresses for decides they need access to an email account for a previously disassociated employee. Does that company now have access to the email even though there is no written contract nor technology use policy? Where does the independent hoster look for guidance on something such as this?"

"It could be interpreted that the company is looking for evidence of impropriety or dishonesty on the part of the prior employee, but there was never a question before the sudden termination to suggest anything out of the ordinary was ongoing. I am such an admin. I am ready to allow access to the company requesting it. Several details are bugging me though. First, I have never been asked for access to any other terminated employees' email. Second, I recently inquired about preserving email for a different employee and got the short answer that all company ties had to be completely terminated. Third, the server is not owned by the company in question. I'm completely (other than the following item) independent of the company. Fourth, it's my relative's account.
I've simply not responded so far, but how far do I go? I'm not an ISP and I don't have agreements with the users. I'm also not the IT dept. Has anyone else had anything remotely similar, and if so; how did you respond?"

1 of 103 comments (clear)

  1. I bet you're not an Experienced SysAdmin... by Anonymous Coward · · Score: 2, Funny

    If you were, then what to do would be obvious:

    1) Open your relative's email account, scan through his email.

    2) Save off all the stuff you can embarrass him with at family get-togethers. Make special note of such terms as "snookums" and "little homer" or whatnot.

    3) Find anything illegal and make an encrypted copy. Accidently lose those backup tapes. Not that you are going to blackmail your relative, but you might be able to get some moral compensation for your time and effort by spoofing email from your relative to the sender/recipient, and recommending the purp pony up some money to your favorite charity or else you'll go 'public' with it. If your relative winds up with some broken limbs, so much the better - he should have never been dealing with such people in the first place.

    4) Then, flat out delete anything that makes _you_ look bad.

    5) THEN send the batch of email to the company. Replace CRLF with \0, then tar, uuencode, compress, and bzip with a password. Make sure you remove the filename extensions at each step, and tell them it's 'zipped', and you did the work on a 'Mac' (.hqx the thing for good measure). Then, sign it with a pgp key that's registered to a third-party public key server that no-one can validate to unless they live in Tunisia.

    If the company wants the information so bad, they'll get it, eventually.

    6) Finally, to lighten the mood, spoof an email to your relative's wife pretending to be his 'office girlfriend', telling him how much she misses their little 'get togethers' in the copy room. Hillarity ensues.

    There, now you know what it takes to be an accomplished Systems Administrator.